var-201611-0150
Vulnerability from variot
A vulnerability has been identified in some Lenovo Notebook and ThinkServer systems where an attacker with administrative privileges on a system could install a program that circumvents Intel Management Engine (ME) protections. This could result in a denial of service or privilege escalation attack on the system. LenovoNotebook and ThinkServer are products of China Lenovo. The former is the notebook series, the latter is the server series. A local elevation of privilege vulnerability exists in the LenovoNotebook and ThinkServer systems. A local attacker can leverage this issue to gain elevated privileges. There are security vulnerabilities in Lenovo Notebook and ThinkServer systems
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-201611-0150", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "notebook yoga 900 13isk bios", "scope": "eq", "trust": 1.6, "vendor": "lenovo", "version": null }, { "model": "notebook yoga 710 11isk bios", "scope": "eq", "trust": 1.6, "vendor": "lenovo", "version": null }, { "model": "notebook yoga 710 11ikb bios", "scope": "eq", "trust": 1.6, "vendor": "lenovo", "version": null }, { "model": "notebook miix 710 12ikb bios", "scope": "eq", "trust": 1.6, "vendor": "lenovo", "version": null }, { "model": "notebook yoga 510 14isk bios", "scope": "eq", "trust": 1.6, "vendor": "lenovo", "version": null }, { "model": "notebook yoga 510 15isk bios", "scope": "eq", "trust": 1.6, "vendor": "lenovo", "version": null }, { "model": "notebook yoga 900s 12isk bios", "scope": "eq", "trust": 1.6, "vendor": "lenovo", "version": null }, { "model": "bios", "scope": "eq", "trust": 1.6, "vendor": "lenovo", "version": null }, { "model": "notebook xiaoxin air 12 bios", "scope": "eq", "trust": 1.6, "vendor": "lenovo", "version": null }, { "model": "notebook k41 80 bios", "scope": "eq", "trust": 1.6, "vendor": "lenovo", "version": null }, { "model": "notebook ideapad 300 17isk bios", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": null }, { "model": "notebook e51 80 bios", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": null }, { "model": "notebook ideapad 300 14isk bios", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": null }, { "model": "notebook ideapad 300 15isk bios", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": null }, { "model": "thinkserver ts150 bios", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": null }, { "model": "notebook k21 80 bios", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": null }, { "model": "notebook e40 80 bios", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": null }, { "model": "notebook ideapad 510s 12isk bios", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": null }, { "model": "notebook 110 15ibr bios", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": null }, { "model": "notebook g50 80 bios", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": null }, { "model": "notebook ideapad 300 14ibr bios", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": null }, { "model": "thinkserver ts450 bios", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": null }, { "model": "notebook b70 80 bios", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": null }, { "model": "notebook g50 80 touch bios", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": null }, { "model": "notebook e41 80 bios", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": null }, { "model": "notebook g40 80 bios", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": null }, { "model": "notebook 110 14ibr bios", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": null }, { "model": "notebook e31 80 bios", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": null }, { "model": "notebook ideapad 300 15ibr bios", "scope": "eq", "trust": 1.0, "vendor": "lenovo", "version": null }, { "model": "thinkserver", "scope": "eq", "trust": 0.9, "vendor": "lenovo", "version": "0" }, { "model": "notebook", "scope": "eq", "trust": 0.9, "vendor": "lenovo", "version": "0" }, { "model": "110-14ibr", "scope": null, "trust": 0.8, "vendor": "lenovo", "version": null }, { "model": "110-14ibr bios", "scope": null, "trust": 0.8, "vendor": "lenovo", "version": null }, { "model": "110-15ibr", "scope": null, "trust": 0.8, "vendor": "lenovo", "version": null }, { "model": "110-15ibr bios", "scope": null, "trust": 0.8, "vendor": "lenovo", "version": null }, { "model": "b70-80", "scope": null, "trust": 0.8, "vendor": "lenovo", "version": null }, { "model": "b70-80 bios", "scope": null, "trust": 0.8, "vendor": "lenovo", "version": null }, { "model": "bios", "scope": null, "trust": 0.8, "vendor": "lenovo", "version": null }, { "model": "e31-80", "scope": null, "trust": 0.8, "vendor": "lenovo", "version": null }, { "model": "e31-80 bios", "scope": null, "trust": 0.8, "vendor": "lenovo", "version": null }, { "model": "e40-80", "scope": null, "trust": 0.8, "vendor": "lenovo", "version": null }, { "model": "e40-80 bios", "scope": null, "trust": 0.8, "vendor": "lenovo", "version": null }, { "model": "e41-80", "scope": null, "trust": 0.8, "vendor": "lenovo", "version": null }, { "model": "e41-80 bios", "scope": null, "trust": 0.8, "vendor": "lenovo", "version": null }, { "model": "e51-80", "scope": null, "trust": 0.8, "vendor": "lenovo", "version": null }, { "model": "e51-80 bios", "scope": null, "trust": 0.8, "vendor": "lenovo", "version": null }, { "model": "g40-80", "scope": null, "trust": 0.8, "vendor": "lenovo", "version": null }, { "model": "g40-80 bios", "scope": null, "trust": 0.8, "vendor": "lenovo", "version": null }, { "model": "g50-80", "scope": null, "trust": 0.8, "vendor": "lenovo", "version": null }, { "model": "g50-80 bios", "scope": null, "trust": 0.8, "vendor": "lenovo", "version": null }, { "model": "g50-80 touch", "scope": null, "trust": 0.8, "vendor": "lenovo", "version": null }, { "model": "g50-80 touch bios", "scope": null, "trust": 0.8, "vendor": "lenovo", "version": null }, { "model": "ideapad 300-14ibr", "scope": null, "trust": 0.8, "vendor": "lenovo", "version": null }, { "model": "ideapad 300-14ibr bios", "scope": null, "trust": 0.8, "vendor": "lenovo", "version": null }, { "model": "ideapad 300-14isk", "scope": null, "trust": 0.8, "vendor": "lenovo", "version": null }, { "model": "ideapad 300-14isk bios", "scope": null, "trust": 0.8, "vendor": "lenovo", "version": null }, { "model": "ideapad 300-15ibr", "scope": null, "trust": 0.8, "vendor": "lenovo", "version": null }, { "model": "ideapad 300-15ibr bios", "scope": null, "trust": 0.8, "vendor": "lenovo", "version": null }, { "model": "ideapad 300-15isk", "scope": null, "trust": 0.8, "vendor": "lenovo", "version": null }, { "model": "ideapad 300-15isk bios", "scope": null, "trust": 0.8, "vendor": "lenovo", "version": null }, { "model": "ideapad 300-17isk", "scope": null, "trust": 0.8, "vendor": "lenovo", "version": null }, { "model": "ideapad 300-17isk bios", "scope": null, "trust": 0.8, "vendor": "lenovo", "version": null }, { "model": "ideapad 510s-12isk", "scope": null, "trust": 0.8, "vendor": "lenovo", "version": null }, { "model": "ideapad 510s-12isk bios", "scope": null, "trust": 0.8, "vendor": "lenovo", "version": null }, { "model": "k21-80", "scope": null, "trust": 0.8, "vendor": "lenovo", "version": null }, { "model": "k21-80 bios", "scope": null, "trust": 0.8, "vendor": "lenovo", "version": null }, { "model": "k41-80", "scope": null, "trust": 0.8, "vendor": "lenovo", "version": null }, { "model": "k41-80 bios", "scope": null, "trust": 0.8, "vendor": "lenovo", "version": null }, { "model": "miix 710-12ikb", "scope": null, "trust": 0.8, "vendor": "lenovo", "version": null }, { "model": "miix 710-12ikb bios", "scope": null, "trust": 0.8, "vendor": "lenovo", "version": null }, { "model": "thinkserver ts150", "scope": null, "trust": 0.8, "vendor": "lenovo", "version": null }, { "model": "thinkserver ts150 bios", "scope": null, "trust": 0.8, "vendor": "lenovo", "version": null }, { "model": "thinkserver ts450", "scope": null, "trust": 0.8, "vendor": "lenovo", "version": null }, { "model": "thinkserver ts450 bios", "scope": null, "trust": 0.8, "vendor": "lenovo", "version": null }, { "model": "xiaoxin air 12", "scope": null, "trust": 0.8, "vendor": "lenovo", "version": null }, { "model": "xiaoxin air 12 bios", "scope": null, "trust": 0.8, "vendor": "lenovo", "version": null }, { "model": "yoga 510-14isk", "scope": null, "trust": 0.8, "vendor": "lenovo", "version": null }, { "model": "yoga 510-14isk bios", "scope": null, "trust": 0.8, "vendor": "lenovo", "version": null }, { "model": "yoga 510-15isk", "scope": null, "trust": 0.8, "vendor": "lenovo", "version": null }, { "model": "yoga 510-15isk bios", "scope": null, "trust": 0.8, "vendor": "lenovo", "version": null }, { "model": "yoga 710-11ikb", "scope": null, "trust": 0.8, "vendor": "lenovo", "version": null }, { "model": "yoga 710-11ikb bios", "scope": null, "trust": 0.8, "vendor": "lenovo", "version": null }, { "model": "yoga 710-11isk", "scope": null, "trust": 0.8, "vendor": "lenovo", "version": null }, { "model": "yoga 710-11isk bios", "scope": null, "trust": 0.8, "vendor": "lenovo", "version": null }, { "model": "yoga 900-13isk", "scope": null, "trust": 0.8, "vendor": "lenovo", "version": null }, { "model": "yoga 900-13isk bios", "scope": null, "trust": 0.8, "vendor": "lenovo", "version": null }, { "model": "yoga 900s-12isk", "scope": null, "trust": 0.8, "vendor": "lenovo", "version": null }, { "model": "yoga 900s-12isk bios", "scope": null, "trust": 0.8, "vendor": "lenovo", "version": null } ], "sources": [ { "db": "CNVD", "id": "CNVD-2016-11754" }, { "db": "BID", "id": "94595" }, { "db": "JVNDB", "id": "JVNDB-2016-006116" }, { "db": "CNNVD", "id": "CNNVD-201611-644" }, { "db": "NVD", "id": "CVE-2016-8224" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "cpe_match": [ { "cpe22Uri": "cpe:/h:lenovo:notebook_110_14ibr", "vulnerable": true }, { "cpe22Uri": "cpe:/o:lenovo:notebook_110_14ibr_bios", "vulnerable": true }, { "cpe22Uri": "cpe:/h:lenovo:notebook_110_15ibr", "vulnerable": true }, { "cpe22Uri": "cpe:/o:lenovo:notebook_110_15ibr_bios", "vulnerable": true }, { "cpe22Uri": "cpe:/h:lenovo:notebook_b70_80", "vulnerable": true }, { "cpe22Uri": "cpe:/o:lenovo:notebook_b70_80_bios", "vulnerable": true }, { "cpe22Uri": "cpe:/o:lenovo:bios", "vulnerable": true }, { "cpe22Uri": "cpe:/h:lenovo:notebook_e31_80", "vulnerable": true }, { "cpe22Uri": "cpe:/o:lenovo:notebook_e31_80_bios", "vulnerable": true }, { "cpe22Uri": "cpe:/h:lenovo:notebook_e40_80", "vulnerable": true }, { "cpe22Uri": "cpe:/o:lenovo:notebook_e40_80_bios", "vulnerable": true }, { "cpe22Uri": "cpe:/h:lenovo:notebook_e41_80", "vulnerable": true }, { "cpe22Uri": "cpe:/o:lenovo:notebook_e41_80_bios", "vulnerable": true }, { "cpe22Uri": "cpe:/h:lenovo:notebook_e51_80", "vulnerable": true }, { "cpe22Uri": "cpe:/o:lenovo:notebook_e51_80_bios", "vulnerable": true }, { "cpe22Uri": "cpe:/h:lenovo:notebook_g40_80", "vulnerable": true }, { "cpe22Uri": "cpe:/o:lenovo:notebook_g40_80_bios", "vulnerable": true }, { "cpe22Uri": "cpe:/h:lenovo:notebook_g50_80", "vulnerable": true }, { "cpe22Uri": "cpe:/o:lenovo:notebook_g50_80_bios", "vulnerable": true }, { "cpe22Uri": "cpe:/h:lenovo:notebook_g50_80_touch", "vulnerable": true }, { "cpe22Uri": "cpe:/o:lenovo:notebook_g50_80_touch_bios", "vulnerable": true }, { "cpe22Uri": "cpe:/h:lenovo:notebook_ideapad_300_14ibr", "vulnerable": true }, { "cpe22Uri": "cpe:/o:lenovo:notebook_ideapad_300_14ibr_bios", "vulnerable": true }, { "cpe22Uri": "cpe:/h:lenovo:notebook_ideapad_300_14isk", "vulnerable": true }, { "cpe22Uri": "cpe:/o:lenovo:notebook_ideapad_300_14isk_bios", "vulnerable": true }, { "cpe22Uri": "cpe:/h:lenovo:notebook_ideapad_300_15ibr", "vulnerable": true }, { "cpe22Uri": "cpe:/o:lenovo:notebook_ideapad_300_15ibr_bios", "vulnerable": true }, { "cpe22Uri": "cpe:/h:lenovo:notebook_ideapad_300_15isk", "vulnerable": true }, { "cpe22Uri": "cpe:/o:lenovo:notebook_ideapad_300_15isk_bios", "vulnerable": true }, { "cpe22Uri": "cpe:/h:lenovo:notebook_ideapad_300_17isk", "vulnerable": true }, { "cpe22Uri": "cpe:/o:lenovo:notebook_ideapad_300_17isk_bios", "vulnerable": true }, { "cpe22Uri": "cpe:/h:lenovo:notebook_ideapad_510s_12isk", "vulnerable": true }, { "cpe22Uri": "cpe:/o:lenovo:notebook_ideapad_510s_12isk_bios", "vulnerable": true }, { "cpe22Uri": "cpe:/h:lenovo:notebook_k21_80", "vulnerable": true }, { "cpe22Uri": "cpe:/o:lenovo:notebook_k21_80_bios", "vulnerable": true }, { "cpe22Uri": "cpe:/h:lenovo:notebook_k41_80", "vulnerable": true }, { "cpe22Uri": "cpe:/o:lenovo:notebook_k41_80_bios", "vulnerable": true }, { "cpe22Uri": "cpe:/h:lenovo:notebook_miix_710_12ikb", "vulnerable": true }, { "cpe22Uri": "cpe:/o:lenovo:notebook_miix_710_12ikb_bios", "vulnerable": true }, { "cpe22Uri": "cpe:/h:lenovo:thinkserver_ts150", "vulnerable": true }, { "cpe22Uri": "cpe:/o:lenovo:thinkserver_ts150_bios", "vulnerable": true }, { "cpe22Uri": "cpe:/h:lenovo:thinkserver_ts450", "vulnerable": true }, { "cpe22Uri": "cpe:/o:lenovo:thinkserver_ts450_bios", "vulnerable": true }, { "cpe22Uri": "cpe:/h:lenovo:notebook_xiaoxin_air_12", "vulnerable": true }, { "cpe22Uri": "cpe:/o:lenovo:notebook_xiaoxin_air_12_bios", "vulnerable": true }, { "cpe22Uri": "cpe:/h:lenovo:notebook_yoga_510_14isk", "vulnerable": true }, { "cpe22Uri": "cpe:/o:lenovo:notebook_yoga_510_14isk_bios", "vulnerable": true }, { "cpe22Uri": "cpe:/h:lenovo:notebook_yoga_510_15isk", "vulnerable": true }, { "cpe22Uri": "cpe:/o:lenovo:notebook_yoga_510_15isk_bios", "vulnerable": true }, { "cpe22Uri": "cpe:/h:lenovo:notebook_yoga_710_11ikb", "vulnerable": true }, { "cpe22Uri": "cpe:/o:lenovo:notebook_yoga_710_11ikb_bios", "vulnerable": true }, { "cpe22Uri": "cpe:/h:lenovo:notebook_yoga_710_11isk", "vulnerable": true }, { "cpe22Uri": "cpe:/o:lenovo:notebook_yoga_710_11isk_bios", "vulnerable": true }, { "cpe22Uri": "cpe:/h:lenovo:notebook_yoga_900_13isk", "vulnerable": true }, { "cpe22Uri": "cpe:/o:lenovo:notebook_yoga_900_13isk_bios", "vulnerable": true }, { "cpe22Uri": "cpe:/h:lenovo:notebook_yoga_900s_12isk", "vulnerable": true }, { "cpe22Uri": "cpe:/o:lenovo:notebook_yoga_900s_12isk_bios", "vulnerable": true } ], "operator": "OR" } ] } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2016-006116" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Alexander Ermolov from Digital Security ltd.", "sources": [ { "db": "BID", "id": "94595" } ], "trust": 0.3 }, "cve": "CVE-2016-8224", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "SINGLE", "author": "nvd@nist.gov", "availabilityImpact": "COMPLETE", "baseScore": 4.6, "confidentialityImpact": "NONE", "exploitabilityScore": 3.1, "id": "CVE-2016-8224", "impactScore": 6.9, "integrityImpact": "NONE", "severity": "MEDIUM", "trust": 1.8, "vectorString": "AV:L/AC:L/Au:S/C:N/I:N/A:C", "version": "2.0" }, { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "author": "CNVD", "availabilityImpact": "PARTIAL", "baseScore": 4.6, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 3.9, "id": "CNVD-2016-11754", "impactScore": 6.4, "integrityImpact": "PARTIAL", "severity": "MEDIUM", "trust": 0.6, "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "SINGLE", "author": "VULHUB", "availabilityImpact": "COMPLETE", "baseScore": 4.6, "confidentialityImpact": "NONE", "exploitabilityScore": 3.1, "id": "VHN-97044", "impactScore": 6.9, "integrityImpact": "NONE", "severity": "MEDIUM", "trust": 0.1, "vectorString": "AV:L/AC:L/AU:S/C:N/I:N/A:C", "version": "2.0" } ], "cvssV3": [ { "attackComplexity": "LOW", "attackVector": "LOCAL", "author": "nvd@nist.gov", "availabilityImpact": "HIGH", "baseScore": 4.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "exploitabilityScore": 0.8, "id": "CVE-2016-8224", "impactScore": 3.6, "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "trust": 1.8, "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", "version": "3.0" } ], "severity": [ { "author": "nvd@nist.gov", "id": "CVE-2016-8224", "trust": 1.0, "value": "MEDIUM" }, { "author": "NVD", "id": "CVE-2016-8224", "trust": 0.8, "value": "Medium" }, { "author": "CNVD", "id": "CNVD-2016-11754", "trust": 0.6, "value": "MEDIUM" }, { "author": "CNNVD", "id": "CNNVD-201611-644", "trust": 0.6, "value": "MEDIUM" }, { "author": "VULHUB", "id": "VHN-97044", "trust": 0.1, "value": "MEDIUM" } ] } ], "sources": [ { "db": "CNVD", "id": "CNVD-2016-11754" }, { "db": "VULHUB", "id": "VHN-97044" }, { "db": "JVNDB", "id": "JVNDB-2016-006116" }, { "db": "CNNVD", "id": "CNNVD-201611-644" }, { "db": "NVD", "id": "CVE-2016-8224" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "A vulnerability has been identified in some Lenovo Notebook and ThinkServer systems where an attacker with administrative privileges on a system could install a program that circumvents Intel Management Engine (ME) protections. This could result in a denial of service or privilege escalation attack on the system. LenovoNotebook and ThinkServer are products of China Lenovo. The former is the notebook series, the latter is the server series. A local elevation of privilege vulnerability exists in the LenovoNotebook and ThinkServer systems. \nA local attacker can leverage this issue to gain elevated privileges. There are security vulnerabilities in Lenovo Notebook and ThinkServer systems", "sources": [ { "db": "NVD", "id": "CVE-2016-8224" }, { "db": "JVNDB", "id": "JVNDB-2016-006116" }, { "db": "CNVD", "id": "CNVD-2016-11754" }, { "db": "BID", "id": "94595" }, { "db": "VULHUB", "id": "VHN-97044" } ], "trust": 2.52 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2016-8224", "trust": 3.4 }, { "db": "BID", "id": "94595", "trust": 2.0 }, { "db": "JVNDB", "id": "JVNDB-2016-006116", "trust": 0.8 }, { "db": "CNNVD", "id": "CNNVD-201611-644", "trust": 0.7 }, { "db": "CNVD", "id": "CNVD-2016-11754", "trust": 0.6 }, { "db": "VULHUB", "id": "VHN-97044", "trust": 0.1 } ], "sources": [ { "db": "CNVD", "id": "CNVD-2016-11754" }, { "db": "VULHUB", "id": "VHN-97044" }, { "db": "BID", "id": "94595" }, { "db": "JVNDB", "id": "JVNDB-2016-006116" }, { "db": "CNNVD", "id": "CNNVD-201611-644" }, { "db": "NVD", "id": "CVE-2016-8224" } ] }, "id": "VAR-201611-0150", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "CNVD", "id": "CNVD-2016-11754" }, { "db": "VULHUB", "id": "VHN-97044" } ], "trust": 1.18125 }, "iot_taxonomy": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "category": [ "Network device" ], "sub_category": null, "trust": 0.6 } ], "sources": [ { "db": "CNVD", "id": "CNVD-2016-11754" } ] }, "last_update_date": "2024-11-23T23:02:32.688000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "LEN-9903", "trust": 0.8, "url": "https://support.lenovo.com/us/en/solutions/len_9903" }, { "title": "Patch for LenovoNotebook and ThinkServer Local Privilege Escalation Vulnerability", "trust": 0.6, "url": "https://www.cnvd.org.cn/patchInfo/show/84823" }, { "title": "Lenovo Notebook and ThinkServer Security vulnerabilities", "trust": 0.6, "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=65922" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2016-11754" }, { "db": "JVNDB", "id": "JVNDB-2016-006116" }, { "db": "CNNVD", "id": "CNNVD-201611-644" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-310", "trust": 1.9 } ], "sources": [ { "db": "VULHUB", "id": "VHN-97044" }, { "db": "JVNDB", "id": "JVNDB-2016-006116" }, { "db": "NVD", "id": "CVE-2016-8224" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 2.0, "url": "https://support.lenovo.com/us/en/solutions/len_9903" }, { "trust": 1.1, "url": "http://www.securityfocus.com/bid/94595" }, { "trust": 0.8, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-8224" }, { "trust": 0.8, "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-8224" }, { "trust": 0.6, "url": "https://support.lenovo.com/us/zh/solutions/len_9903" }, { "trust": 0.3, "url": "http://www.lenovo.com/ca/en/" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2016-11754" }, { "db": "VULHUB", "id": "VHN-97044" }, { "db": "BID", "id": "94595" }, { "db": "JVNDB", "id": "JVNDB-2016-006116" }, { "db": "CNNVD", "id": "CNNVD-201611-644" }, { "db": "NVD", "id": "CVE-2016-8224" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "CNVD", "id": "CNVD-2016-11754" }, { "db": "VULHUB", "id": "VHN-97044" }, { "db": "BID", "id": "94595" }, { "db": "JVNDB", "id": "JVNDB-2016-006116" }, { "db": "CNNVD", "id": "CNNVD-201611-644" }, { "db": "NVD", "id": "CVE-2016-8224" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2016-12-02T00:00:00", "db": "CNVD", "id": "CNVD-2016-11754" }, { "date": "2016-11-29T00:00:00", "db": "VULHUB", "id": "VHN-97044" }, { "date": "2016-11-30T00:00:00", "db": "BID", "id": "94595" }, { "date": "2016-12-07T00:00:00", "db": "JVNDB", "id": "JVNDB-2016-006116" }, { "date": "2016-11-30T00:00:00", "db": "CNNVD", "id": "CNNVD-201611-644" }, { "date": "2016-11-29T20:59:02.437000", "db": "NVD", "id": "CVE-2016-8224" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2016-12-02T00:00:00", "db": "CNVD", "id": "CNVD-2016-11754" }, { "date": "2016-12-06T00:00:00", "db": "VULHUB", "id": "VHN-97044" }, { "date": "2016-12-20T02:04:00", "db": "BID", "id": "94595" }, { "date": "2016-12-07T00:00:00", "db": "JVNDB", "id": "JVNDB-2016-006116" }, { "date": "2016-11-30T00:00:00", "db": "CNNVD", "id": "CNNVD-201611-644" }, { "date": "2024-11-21T02:59:01.197000", "db": "NVD", "id": "CVE-2016-8224" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "local", "sources": [ { "db": "BID", "id": "94595" }, { "db": "CNNVD", "id": "CNNVD-201611-644" } ], "trust": 0.9 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Lenovo Notebook and ThinkServer Service disruption in the system (DoS) Vulnerabilities", "sources": [ { "db": "JVNDB", "id": "JVNDB-2016-006116" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "encryption problem", "sources": [ { "db": "CNNVD", "id": "CNNVD-201611-644" } ], "trust": 0.6 } }
Loading…
Loading…
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.